General
-
Target
W4.7.exe
-
Size
48KB
-
Sample
241121-jhrzqszmaw
-
MD5
140fed31d72907557abf8cf78fc5ea0c
-
SHA1
2a8f6cab09d472253d857fed3b3fc0f22a0045da
-
SHA256
f1ba1c4001946a9008940deca301c236a8114457dd06e466274503ed324eb3f4
-
SHA512
f16bbf6c5b8813b0e8e605c7aa42979ca23e34bc3fcccbaabab9e2fcc210667d4f8baffada74446c6047661973a67d176820890de72a3066f1692361ecacef14
-
SSDEEP
1536:6625Dpcpnwwb6Xmg/lS/9UbzR4jDUsTl7Lfnouy8:664DCzUdMUbzR4n3Tl7Tout
Behavioral task
behavioral1
Sample
W4.7.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
W4.7.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
W4.7.exe
-
Size
48KB
-
MD5
140fed31d72907557abf8cf78fc5ea0c
-
SHA1
2a8f6cab09d472253d857fed3b3fc0f22a0045da
-
SHA256
f1ba1c4001946a9008940deca301c236a8114457dd06e466274503ed324eb3f4
-
SHA512
f16bbf6c5b8813b0e8e605c7aa42979ca23e34bc3fcccbaabab9e2fcc210667d4f8baffada74446c6047661973a67d176820890de72a3066f1692361ecacef14
-
SSDEEP
1536:6625Dpcpnwwb6Xmg/lS/9UbzR4jDUsTl7Lfnouy8:664DCzUdMUbzR4n3Tl7Tout
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
3Disable or Modify Tools
3Indicator Removal
1File Deletion
1Modify Registry
5